Title :
On a Classification Approach for SOA Vulnerabilities
Author :
Lowis, Lutz ; Accorsi, Rafael
Author_Institution :
Dept. of Telematics, Albert-Ludwig Univ. of Freiburg, Freiburg, Germany
Abstract :
Vulnerabilities in operating systems and Web applications have been and are being put into various classifications, leading to a better understanding of their causes and effects, and to improved vulnerability management tool support. In a service-oriented architecture (SOA), additional vulnerabilities exist in the implementations of new standards such as BPEL and SOAP. Attackers can exploit these vulnerabilities to interfere with the business processes, which are executed as orchestration of services. We describe our approach and ongoing work of creating a SOA vulnerability classification.
Keywords :
Web services; operating systems (computers); pattern classification; security of data; SOA vulnerability; Web application; business process; classification approach; operating system; service-oriented architecture; vulnerability management tool support; Application software; Buffer overflow; Computer applications; Databases; Monitoring; Security; Semiconductor optical amplifiers; Service oriented architecture; Simple object access protocol; Software tools; SOA; Security; Vulnerability Classification; Vulnerability Management;
Conference_Titel :
Computer Software and Applications Conference, 2009. COMPSAC '09. 33rd Annual IEEE International
Conference_Location :
Seattle, WA
Print_ISBN :
978-0-7695-3726-9
DOI :
10.1109/COMPSAC.2009.173
